Karsten Hahn @struppigel
MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️ ko-fi.com/struppigel Germany Joined May 2014-
Tweets9K
-
Followers24K
-
Following756
-
Likes24K
Karsten Hahn retweeted
Malware Noob Month Post #4 Does malware need to be written in C or C++? No. You can write malware in any language you want. In fact, I encourage you to write malware in other programming languages. The reason why C (or C++) is so common is because, as is tradition, it has some…
30
45
647
52K
127
In light of the new course, I created a Discord server for MalwareAnalysisForHedghogs to discuss malware analysis related topics. You can join here--this is for every malware enthusiast, not only course members: discord.gg/3evhC4cj
My intermediate level malware analysis course is there. 60% off for the next two weeks. …nalysis-for-hedgehogs.learnworlds.com/course/interme…
This blog post about impostor certificates by @SquiblydooBlog is a gem and very relevant right now. Or: How threat actors impersonate companies to obtain authenticode certificates for signing their malware. And why revokation is important. squiblydoo.blog/2024/05/13/imp…
Karsten Hahn retweeted
dnpy - A Python library for reading .NET assemblies. It's not finished yet, but its current state is sufficient for many tasks. Using only dnpy (without needing another project), you can parse a .NET assembly, iterate through its methods, and read its instructions.…
Some threat actors are bold enough to submit their malware as false positive to antivirus companies. This also happened with AppSuite PDF Editor. Our technical deep-dive is out 📝 gdatasoftware.com/blog/2025/08/3… #GDATA #GDATATechblog #AppSuite
Karsten Hahn retweeted
#TamperedChef SIE Europe passive dns analytics with UMAP clustering shows that the campaign is ~1000 domains and all domains on AWS. SW Signing certs is revoked and webpage certs changed to amazon. All domains uploaded to UrlScan (700k records analysed) @JAMESWT_WT @struppigel
Karsten Hahn retweeted
#Oyster Loader #MalwareAnalysis is out. Please let me know what you think, if it's helpful, and what needs to be improved on for the next one. Thanks to my colleagues for help on this and the heavy lifting. I learned a lot doing this. www2.bluevoyant.com/OysterBackdoor…
Karsten Hahn retweeted
Seeing a (potential new?) python-based backdoor we're tracking as #PyNightshade for the second time delivered via #ClickFix that uses sockets for C2. Supports several commands from C2, including: remote shell, uploading files from the victim host, and self-deletion. It uses RC4…
Karsten Hahn retweeted
@nhegde610 @struppigel In many cases, we’ve seen hosts infected for weeks or months. In my tracking of certificates, I think this actor has been active for a few years pushing PUP-like files.
Karsten Hahn retweeted
@struppigel Our SOC got multiple of these cases this week as well. All PDF-related. Most (if not all) cases have a delay of at least 10 days between initial execution of the downloaded software and execution of malicious .js files. (1/2)
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Alexandre Borges @ale_sp_brazil
28K Followers 147 Following Vulnerability Researcher and Exploit Developer.
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
BleepingComputer @BleepinComputer
240K Followers 200 Following Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
GuidedHacking @GuidedHacking
53K Followers 392 Following Reverse Engineering & Game Hacking Courses @ https://t.co/Dl5ED4o7YS
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
hasherezade @hasherezade
89K Followers 910 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
blackorbird @blackorbird
35K Followers 671 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Michael Koczwara @MichalKoczwara
23K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Jiří Vinopal @vinopaljiri
10K Followers 462 Following Threat Researcher at Check Point @_CPResearch_ #DFIR #Reversing - All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
Germán Fernández @1ZRR4H
35K Followers 461 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Virus Bulletin @virusbtn
60K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
DFIRLeo🔎💻 @DFIRLeo
842 Followers 617 Following DFIR Analyst | Youtuber por hobby 🎮 | Entusiasta da Computação Forense 🕵♂️ | L12:2 | Opiniões são pessoais
Раз Два @RazDva516548
1 Followers 18 Following
Alex @AlexLeroniness
0 Followers 43 Following
Drouniv @Drouniv716
62 Followers 2K Following
Danish @0xDanish_A
8 Followers 109 Following
nad @Nadsec11
9 Followers 133 Following Systems Administrator | Cybersecurity Nerd | Weird Robot Enthusiast https://t.co/zfMsbmbdCv https://t.co/AJrYkXmZRx https://t.co/MhhsXY61CM
Roβ.uas @CodeAutonomous
12 Followers 446 Following At X section of InfoSec and emerging technology | #CyberThreatIntelligence | Pilot🛦 | #AviationSecurity | #SpaceSec | #AgenticSecurity #FlightSim junkie #DCS
INWPIA-Inland NorthWe... @inwpia_org
73 Followers 2K Following INWPIA is the "Largest Private Investigator Association Network" in the State of Idaho. We are an Idaho Secretary of State Non-Profit 501(d). John 3:16-17
Ravix @Ravix91
0 Followers 20 Following
Bobby @MallemalaT42570
0 Followers 75 Following
Thandaninkosi Moyo @Thandaninkosi
77 Followers 847 Following
br4y @cyb3rwqdo
0 Followers 31 Following
codrica @codryk
2 Followers 165 Following
घेता का �... @eramit33
212 Followers 2K Following Doing it my way! cybersec professional | महाराष्ट्र India। (पोपीचंद गडाळकर फॅनक्लब)
StayF0cus @StayF0cus
8 Followers 160 Following
Lance🇺🇲🇺🇲 @kim56g
14 Followers 287 Following
nneJt @nnejt6
1 Followers 82 Following
fasined @fasined1
11 Followers 243 Following
Thallyson Araujo @thallysonmago
256 Followers 394 Following
sudo rm -rf --no-pres... @Jeyso215
3K Followers 7K Following 👊Privacy Guardian | 🌍 Cyber Freedom Advocate | 🇺🇸 🚫📵Anti-Surveillance | 💪Empowering Data Sovereignty
Ykerrea @Ykerrea24704
3 Followers 222 Following
Sharon @Sharon18866
6 Followers 139 Following 👨💻 Dev Advocate | OSS Security Enthusiast Next-gen open-source WAF: SafeLineWAF. Feel free to reach me out!📮[email protected]
KAL EL @KALEL8383
29 Followers 567 Following
Polymorphikx @polymorphikx
68 Followers 1K Following
laffyfx @lj_enthusiast
10 Followers 339 Following csec pleb, node/php dev cs:go kz and surf hobbyist
Sign Sniffer @SignSniffer
0 Followers 42 Following
protoncito @ilprotoncito
27 Followers 682 Following
Ionut Ilascu @Ionut_Ilascu
5K Followers 178 Following security news reporter @BleepinComputer 🐘: https://t.co/9L2XjPxKEV
chiru.rs 🦀 @chiru_chintha9
98 Followers 2K Following web3 security researcher | obsessed with rust 🦀| solana
buhal40 @buhal40
3 Followers 128 Following
Opf0r @opfor01
2 Followers 69 Following
N3uhaus @N3uhaus
85 Followers 303 Following Offensive Security Engineer @NVIDIA | Opinions/Posts are my own unless otherwise stated
Zahid @Zahid374703463
17 Followers 654 Following
V¡per @VIPER_X_CS
1 Followers 71 Following
Oh Ha Ni @_hhrz
120 Followers 578 Following
Mehmet Ayberk @mhmtayberk
1K Followers 2K Following Application Security Engineer • After all, we're all alike. • ☁️ AWS Community Builder • Founder of @hackalldaytr • Threema: https://t.co/H5fE73jmuJ
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
MalwareHunterTeam @malwrhunterteam
244K Followers 38 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
0xor0ne @0xor0ne
81K Followers 514 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Alexandre Borges @ale_sp_brazil
28K Followers 147 Following Vulnerability Researcher and Exploit Developer.
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
BleepingComputer @BleepinComputer
240K Followers 200 Following Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
hasherezade @hasherezade
89K Followers 910 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
blackorbird @blackorbird
35K Followers 671 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Unit 42 @Unit42_Intel
63K Followers 82 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Jiří Vinopal @vinopaljiri
10K Followers 462 Following Threat Researcher at Check Point @_CPResearch_ #DFIR #Reversing - All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
Ezra Woods @Shammahwoods
114 Followers 60 Following we do a bit of security research ‘round these parts.
Hunting_Yeth_Hounds @HuntYethHounds
26 Followers 30 Following I track the trail of the spectral hounds. Investigating the digital ghosts that haunt the wire turning faint whispers in the dark into actionable intelligence.
Igor Skochinsky (@Igo... @IgorSkochinsky
4K Followers 292 Following software developer at Hex-Rays*, hobby reverse engineer. Advanced cleartext hacker. 日本語おk *For Hex-Rays support/inquiries: https://t.co/rxVwo1npoQ
Expel @ExpelSecurity
13K Followers 281 Following The leading MDR provider trusted by some of the world’s most renowned brands to expel adversaries, minimize risk, & build security resilience. https://t.co/uTjUcRDveB
Invoke RE @InvokeReversing
2K Followers 93 Following Empowering you to take on today's toughest threats.
Moonlock Lab @moonlock_lab
1K Followers 35 Following Malware research lab @moonlock_com Assembled by @macpaw to detect and study cybersecurity threats.
Kağan IŞILDAK @kaganisildak
4K Followers 2K Following co-founder @malwation @threatzone_ :: [email protected] building holistic platforms to analyze malware
Chris Rose @WhatsACreel
973 Followers 1 Following
R3BELF0X @goldenjackel12
35 Followers 284 Following
SOCLabs @DetectionLabs
53 Followers 188 Following We are building a SIEM learning and training platform for detection engineers.
SecBadger (Mark D) @secbadger_
58 Followers 117 Following Enterprise security practitioner: IR, threat hunting, Security tooling
[email protected]... @0xdea
14K Followers 19 Following When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Hex-Rays SA @HexRaysSA
8K Followers 132 Following We are a hi-tech company focusing on binary software analysis. Our main products are IDA Pro and the Hex-Rays Decompiler. Discourse: https://community.hex-rays
Is Now on VT! @Now_on_VT
4K Followers 788 Following Stay ahead of cyber threats. Get real-time alerts on notable APT/FIN/ORB indicators from VirusTotal. A threat intel project by @craiu.
PELock @PELock
2K Followers 754 Following My pronouns ⚙️Polymorphic & Metamorphic engines, 🛡 Binary & source code obfuscation, Software protection, Reversing, Radio unlock codes, Social Media marketing
Tony/Humpty @cyb3rjerry
405 Followers 999 Following @ https://t.co/HuR3g0HPkx on BlueSky Lead SOC analyst | Stumbling my way into RE | HAM nerd Opinions are my own
INTERPOL @INTERPOL_HQ
330K Followers 620 Following Connecting police & catching criminals in 196 countries for more than a century. Report crimes to your local #police. Follow our Secretary General @Interpol_SG
operations6 @_operations6_
1K Followers 1K Following
Luke Acha @luke92881
345 Followers 264 Following Incident Response and Malware Detection enthusiast.
dingusxmcgee @dingusxmcgee
3 Followers 1 Following
bells @bellafusari1
1K Followers 296 Following An ellie waltman fanpage with a knack for breaking software. @[email protected] + https://t.co/QXhPParXGV. @greynoiseio snuggie owner. TWEETS MY OWN
WatchingRac @RacWatchin8872
2K Followers 195 Following Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
Arnold Osipov @osipov_ar
1K Followers 320 Following Security Researcher @Morphisec | Former - Check Point Research | RE, Malware & Threat hunting | Software Engineer.
Who said what? @g0njxa
5K Followers 95 Following ChatGPT says I'm a cyber researcher :) | donate 💸 to g0njxa.eth 💖 | Bad student, enthusiast, defo not an expert DMs are open, feel free to reach! 😼☂️🟣
DaveTheResearcher @DaveLikesMalwre
1K Followers 149 Following Threat Hunter | CyberSecurity Researcher | IOC Dealer |
Pavel Yosifovich @zodiacon
14K Followers 915 Following Windows Internals expert, author, and trainer. Teaching system programming & debugging at TrainSec. Check out my books & courses! 🚀 #WindowsInternals #TrainSec
Muhammad Umair @m_umairx
564 Followers 99 Following Reverse Engineer @ Google FLARE. Malware stuff. Views are my own.
Szabolcs Schmidt @smica83
2K Followers 413 Following Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
Cyber Team @Cyberteam008
3K Followers 61 Following Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
TomU | I'm still here... @c_APT_ure
8K Followers 6K Following #InfoSec professional, husband & father of two (in random order). #BlueTeam #DFIR #APT #CTI #RedTeaming #BSidesZH (RT/Likes ≠ endorsement) 👀➡️#MalwareChallenge
Prashant Uniyal 🇮�... @prashant_92
401 Followers 690 Following #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
𝚍𝚛𝚎𝚊𝚖�... @bofheaded
1K Followers 1K Following My forte: APT/s Hunting | Attribution and Correlation | TTPs and Attack to TA | Threat Intelligence. [email protected]
neeraj @knight0x07
1K Followers 818 Following Security Researcher @SentinelOne | Malware Loving Homo Sapien | I do xchg eax,eax | Tweets are my own
Lontz @lontze7
1K Followers 422 Following Threat Intel Researcher. Opinions are mine. Special thanks to @censysio , @ValidinLLC & @ReversingLabs for making my research easier.
Aaron Jornet @RexorVc0
4K Followers 396 Following Threat Researcher at @socradar | Malware Researcher | Threat Hunter | CTI ¦ Former @ElevenPaths @Panda_Security
RAKESH KRISHNAN @RakeshKrish12
4K Followers 118 Following Scam Hunter | Blockchain Investigator | Threat Intel Researcher | Sheds light on Dark Web| Read my findings https://t.co/sTD7UDFfUr https://t.co/ivvg7T74JXTrends for United States
47 B posts
118 B posts
9.116 posts
19,5 B posts
9.809 posts
7.339 posts
23,5 B posts
8.248 posts
4.188 posts
31,2 B posts
5.628 posts
3.777 posts
27,5 B posts
4.866 posts
2.133 posts
5.819 posts
2.981 posts
1.577 posts
2.273 posts
3.607 posts
You might like
hasherezade
@hasherezade
89K Followers
Alexandre Borges
@ale_sp_brazil
28K Followers
herrcore
@herrcore
14K Followers
Arkbird
@Arkbird_SOLG
15K Followers
ςεяβεяμs - м�...
@c3rb3ru5d3d53c
25K Followers
The DFIR Report
@TheDFIRReport
62K Followers
blackorbird
@blackorbird
35K Followers
Thomas Roccia 🤘
@fr0gger_
31K Followers
Dee
@ViriBack
10K Followers
ExecuteMalware
@executemalware
27K Followers
abuse.ch
@abuse_ch
36K Followers
Chetan Nayak (Brute R...
@NinjaParanoid
31K Followers
Myrtus
@Myrtus0x0
8K Followers
Jiří Vinopal
@vinopaljiri
10K Followers
reecDeep
@reecdeep
11K Followers